Question

how to configure sendmail for mail server host in virtual domain lan

Asked by: jmarkfoley

In the past I have configured a dedicated linux host to act as a mail server in a LAN configuration. Now, I need to do something similar (dedicated mail host), but I have several hosts in the lan each hosting several virtual domains. I want the mail server to route incoming mail to the appropriate host. I can easily configure Network Solutions to send the various domains' email to this one host. I'm sure this is a pretty typical configuration for ISP setups, but it's new to me. I need lots of help!

In the code snippet below is a sendmail.mc file (sans-comments) I've used as a template in the past. Perhaps this is a good starting point.

What do I need to do to make this work on my mail server given the configuration I've specified?

include(`../m4/cf.m4')
OSTYPE(`linux')dnl
define(`confTO_IDENT', `0')dnl
define(`confBAD_RCPT_THROTTLE',`1')dnl
define(`confCONNECTION_RATE_THROTTLE',`3')dnl
define(`confDEAD_LETTER_DROP',`/dev/null')dnl
define(`confDOUBLE_BOUNCE_ADDRESS',`nobody')dnl
define(`confDF_BUFFER_SIZE',`16384')dnl
define(`confXF_BUFFER_SIZE',`16384')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`lookupdotdomain')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`dnsbl')dnl
FEATURE(`dnsbl', `relays.ordb.org')dnl
FEATURE(`dnsbl', `dul.dnsbl.sorbs.net')dnl
FEATURE(`delay_checks',`friend',`n')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
MASQUERADE_AS(`novatec-inc.com')
FEATURE(`masquerade_envelope')
FEATURE(`masquerade_entire_domain')
dnl# FEATURE(`relay_entire_domain')dnl
EXPOSED_USER(`root')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl

                                  
This Question has been solved and asker verified.

Asked On: 2009-07-19 at 03:48:45 ID: 24582168
Topics: SendMail Email Server, Linux
Participating Experts: 1
Points: 500
Comments: 32


Answers

 

by: _jesper_ Posted on 2009-07-19 at 08:27:34 ID: 24889764

Configure the mailertable:

mydomain.com         esmtp:other.smtp.server.com

makemap hash /etc/mail/mailertable < /etc/mail/mailertable

 

by: jmarkfoley Posted on 2009-07-20 at 01:58:25 ID: 24893320

OK, I've set that up as:
virtual.com  esmtp:[host1.mydomain.com]

 Now for upstream ... At Network Solutions I can set up A records, MX records and CNAME records. So, if I have domain mydomain.com and mail.mydomain.com is on 200.200.200.1, and virtual.com is a virtual domain being hosted on host1.mydomain.com at IP 200.200.200.5, would I:

A: @mydomain.com -> 200.200.200.1
A: mail.mydomain.com -> 200.200.200.1
A: @virtual.com -> 200.200.200.1
MX: mydomain.com -> mail.mydomain.com
MX: virtual.com -> mail.mydomain.com

Do I need an A record for mail.mydomain.com or does the MX record take care of that?

Would I do anything with CNAME (host alias)?

 

by: _jesper_ Posted on 2009-07-20 at 05:59:01 ID: 24894596

You need an A record for the MX fully qualified domain name (which you have as listed above).

List the MX for both domains as mail.mydomain.com.

Don't use "@virtual.com" with the same A record as mydomain.com -- use its own IP address.

I am not a fan of "@domain" in DNS.

I list an A record for every MX host, an A record for the machine and CNAME records for hosts that have the same IP as the machine:

mydomain.com.                 IN         MX  10 mail.mydomain.com.

ns.mydomain.com.              IN         A          200.200.200.1
mail.mydomain.com.           IN         A          200.200.200.1

www                               IN        CNAME   ns.mydomain.com.
smtp                               IN        CNAME   ns.mydomain.com.

and

virtual.com.                      IN         MX  10 mail.mydomain.com.

ns.virtual.com.                  IN         A          200.200.200.5

www                               IN        CNAME   ns.virtual.com.
smtp                               IN        CNAME   ns.virtual.com.


You need to configure a DNS record for every host that needs to be reachable with a hostname.

mail.mydomain.com should have a PTR record in the inverse database that matches the address listed in the forward zone.

 

by: jmarkfoley Posted on 2009-07-21 at 06:40:32 ID: 24904376

I've configured the DNS settings at Network Solutions as follows. See if I've grasped what you've said:

A records:
www.mydomain.com        200.200.200.2             # web server different than mail server
@.mydomain.com             [deleted per your advice]
mail.mydomain.com          200.200.200.1
allothers .mydomain.com  200.200.200.2

www.virtual.com               200.200.200.5
@.virtual.com                    [deleted per your advice]
mail.virtual.com                 200.200.200.1
allothers . virtual.com        200.200.200.5

MX records:
(for mydomain.com) 10 mail.mydomain.com
(for virtual.com)        10 mail.mydomain.com

I'm not really sure what to do with the CNAME records right now. So far, I have 3 hosts: mail.mydomain.com, host1.mydomain.com and host2.mydomain.com. host1 hosts virtual.com and host2 hosts mydomain.com. I have no additional virtual domains (yet).

Do I need the mail.virtual.com A record? Your example doesn't specify that.

Finally, since I only have 3 hosts at the moment, I have not configured DNS. Instead, I'm using /etc/resolv.conf and /etc/hosts. I was trying not to introduce too many variables at once into this exercise. I intended to configure DNS after getting the mail running. Bad idea?

 

by: jmarkfoley Posted on 2009-07-21 at 12:48:48 ID: 24908570

I'm starting to get lost here. Now, ssh is not working. Here's my setup:

mail.myhost.com 200.200.200.1
host1.myhost.com 200.200.200.5
host2.myhost.com 200.200.200.2

Before doing the above I had the Network Solutions routing www.virtual.com to 200.200.200.5 and (allothers).myhost.com also going to 200.200.200.5. So, I could: ssh myuser@myhost.com and it would end up on 200.200.200.5 i.e. host1.myhost.com.

After doing the setup in my previous post, (24904376) ssh is not working (but www is still working). I think I'm getting lost.

 

by: _jesper_ Posted on 2009-07-21 at 16:04:12 ID: 24910217

Presuming that the actual machine names are "host":

host.mydomain.com      -> A   ->    200.200.200.1
mail.mydomain.com      -> A   ->    200.200.200.1
mydomain.com            -> MX ->   mail.mydomain.com
www.mydomain.com     -> CNAME -> host.mydomain.com

host.virtual.com          -> A    ->    200.200.200.5
myvirtual.com            -> CNAME -> host.myvirtual.com
virtual.com                -> MX  ->  host.mydomain.com

The important point here is that you identify where the host application resides.

If ssh isn't working, verify that the hostname, that you were ssh'ing to, has not changed in DNS.

If you could give an example of real domain names, what users do with what machine (*), we could probably correct this immediately.

* send out email
  download email
  ftp files
  www pages
  ... etc

 

by: jmarkfoley Posted on 2009-07-24 at 08:01:37 ID: 24935574

Those pretty much are the real names, but with genericized domains. I suppose it's not that critical a security issue though, so here are the real everything:

Machines:

mail.fluxrunner.com    96.11.168.100
webhost1.fluxrunner.com 96.11.168.99
webhost2.fluxrunner.com 96.11.168.102

webhost1 will host virtual domain www.courtscan.com, plus others in the future.
webhost2 will host www.fluxrunner.com.

I want mail.fluxrunner.com to route mail for user@courtscan.com to webhost1 and mail for fluxrunner.com to webhost2.

That's pretty much what I need at the moment. If I can get those set up I think it should be easy enough to clone the idea for additional virtual domains and hosts.

I thought it could send courtscan.com ssh users to webhost1 via: "ssh user@courtscan.com", but if I can't do that and I have to do "ssh user@webhost1.fluxrunner.com", I can live with that.

I am all set on the www virtual hosting via apache/tomcat, I just need the mail routing correctly.

See if that covers what you asked. Meanwhile, I'll try out your A/MX/CNAME suggestions.

 

by: _jesper_ Posted on 2009-07-24 at 08:21:55 ID: 24935831

Actually, you can ssh to courtscan.com if there is an A record of 96.11.168.99 or a CNAME record of webhost1.fluxrunner.com in the DNS database for courtscan.com

   courtscan.com.           IN         CNAME        webhost1.fluxrunner.com.


mail.fluxrunner.com -> /etc/mail/mailertable

    courtscan.com         esmtp:webhost1.fluxrunner.com
    fluxrunner.com         esmtp:webhost2.fluxrunner.com

makemap hash mailertable < mailertable

webhost1.fluxrunner.com -> /etc/mail/local-host-names
    courtscan.com
    webhost1.fluxrunner.com

webhost2.fluxrunner.com -> /etc/mail/local-host-names
    fluxrunner.com
    webhost2.fluxrunner.com

And -> service sendmail restart
on all three machines

 

by: jmarkfoley Posted on 2009-07-24 at 08:24:10 ID: 24935860

(more) ...

Sorry, but I keep getting confused on your recommendations:

> host.mydomain.com      -> A   ->    200.200.200.1
> mail.mydomain.com      -> A   ->    200.200.200.1
> mydomain.com            -> MX ->   mail.mydomain.com
> www.mydomain.com     -> CNAME -> host.mydomain.com

> host.virtual.com          -> A    ->    200.200.200.5
> myvirtual.com            -> CNAME -> host.myvirtual.com
> virtual.com                -> MX  ->  host.mydomain.com

host.mydomain.com and mail.mydomain.com are different machines, but maybe I confused you with the "fake" domains and IPs. Why is your MX for mydomain.com going to mail.mydomain.com, but the MX for virtual.com is going to host.myvirtual.com? Shouldn't it be going to mail.mydomain.com as well (I have only one mailserver)? You have a CNAME for www.mydomain.com to host.mydomain.com, but there is no "www" prefixed on the CNAME for myvirtual. Finally, I don't really have a host.virtual.com, do I?

Perhaps we should just start clean with you using my REAL domains and IPs per my previous message.

Also, attached is an image of the Network Solutions CNAME form. I am having difficulty connecting your CNAME configs with this form. What goes in "alias"? What goes in "Refers to hostname"?

 

by: jmarkfoley Posted on 2009-07-24 at 08:26:56 ID: 24935893

btw - I sent that last message before receiving your most recent message. It is not a commentary on 24935831, but rather on 24910217. I will digest 24935831 and try out suggestions.

 

by: _jesper_ Posted on 2009-07-24 at 08:48:17 ID: 24936135

The above example is accurate.  What I was referring to in the 'fake' example, was the use of an address record for courtscan.com.

You could have written it as:

courtscan.com.db
    courtscan.com.         IN        MX              10 mail.courtscan.com.
    mail                        IN        A                  96.11.168.99


Based upon actual information, I would suggest that you stick with:

courtscan.com.db
    courtscan.com.         IN        MX              10 mail.fluxrunner.com.

fluxrunn.com.db
    fluxrunner.com.        IN         MX              10 mail.fluxrunner.com.
    mail                       IN         A                 96.11.168.100
    webhost1               IN         A                 96.11.168.99
    webhost2               IN         A                 96.11.168.102

------------------------------------------------
What we have done:

* identified the address (A) records for each machine
* identified the host address (A) for the inbound mail server
* identified the mail exchange (MX) for courtscan.com and fluxrunner.com
* configured sendmail to forward incoming email on mail.fluxrunner.com to the appropriate servers
* added the hosts that are local to each server in the mail local host file

Does that help clear things up?
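The last two steps in the summary above depend on each other: every domain the hub's mailertable hands to a back-end must also appear in that back-end's local-host-names, otherwise the back-end does not treat the mail as local. The check below is an added example, not part of the original thread. It assumes each host's file has been copied into one directory as `<host>.local-host-names` (a hypothetical layout), and its sample data is built from the table and host names quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): cross-check the hub's mailertable
# against the local-host-names file of every back-end it routes to.

# mailertable_routes: read a mailertable on stdin, print "domain host" pairs.
# The "mailer:" prefix is dropped, and so are the [brackets] that tell
# sendmail to skip the MX lookup on the target host.
mailertable_routes() {
    awk '
        /^[ \t]*(#|$)/ { next }             # skip comments and blank lines
        NF >= 2 {
            target = $2
            sub(/^[^:]*:/, "", target)      # drop "esmtp:" or "smtp:"
            gsub(/\[|\]/, "", target)       # drop [ and ]
            print tolower($1), tolower(target)
        }'
}

# check_routes MAILERTABLE DIR
# DIR holds one "<host>.local-host-names" file per back-end (assumed layout).
# Prints one line per problem and nothing when the configuration is consistent.
check_routes() {
    table=$1
    dir=$2
    mailertable_routes < "$table" | while read -r domain host; do
        file="$dir/$host.local-host-names"
        if [ ! -f "$file" ]; then
            echo "NO_FILE $domain -> $host"
        elif ! grep -qixF -- "$domain" "$file"; then
            echo "NOT_LOCAL $domain -> $host"
        fi
    done
}

# make_sample: build a constructed copy of the thread's configuration in a
# temporary directory and print the directory name.
make_sample() {
    d=$(mktemp -d)
    cat > "$d/mailertable" <<'EOF'
# hub: mail.fluxrunner.com
courtscan.com         esmtp:webhost1.fluxrunner.com
fluxrunner.com        esmtp:webhost2.fluxrunner.com
EOF
    printf '%s\n' courtscan.com webhost1.fluxrunner.com \
        > "$d/webhost1.fluxrunner.com.local-host-names"
    printf '%s\n' fluxrunner.com webhost2.fluxrunner.com \
        > "$d/webhost2.fluxrunner.com.local-host-names"
    echo "$d"
}

demo_dir=$(make_sample)
echo "consistent configuration:"
check_routes "$demo_dir/mailertable" "$demo_dir"
# A new virtual domain added on the hub but forgotten on the back-end
# (example.test is a constructed name).
echo 'example.test          esmtp:[webhost1.fluxrunner.com]' >> "$demo_dir/mailertable"
echo "after adding example.test on the hub only:"
check_routes "$demo_dir/mailertable" "$demo_dir"
rm -rf "$demo_dir"
```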

 

by: jmarkfoley Posted on 2009-07-27 at 01:37:20 ID: 24949664

OK, Here's what I've got so far...

DNS: fluxrunner.com
A records:
www                        96.11.168.102
* (All Others)           96.11.168.102
mail.fluxrunner.com 96.11.168.100
webhost1.fluxrunner.com 96.11.168.99
webhost2.fluxrunner.com 96.11.168.102
MX:
mail.fluxrunner.com 10

DNS: courtscan.com
A records:
www                      96.11.168.99
* (All Others)          96.11.168.99
mail.courtscan.com 96.11.168.100
 MX:
mail.fluxrunner.com

I have no CNAME records.

sendmail for mail.fluxrunner.com and webhost1.fluxrunner.com is configured as shown in the snippet below. At the moment, nothing is configured in the access.db's

BUT ... so far mail is not working quite right

If I send something to an external email address (mfoley@novatec-inc.com) from a user account on mail.fluxrunner.com it goes straight to the dead.letter folder. The /var/log/maillog file says " <mfoley@novatec-inc.com>... Unrecognized host name novatec-inc.com.", yet I can ssh to novatec-inc.com, etc.

If I send something from webhost1.fluxrunner.com to an external email address it does deliver it, albeit with a From: address of user@webhost1.fluxrunner.com, not user@courtscan.com.

If I send something to user@courtscan.com from an external host it bounces with "550 5.1.2 <mfoley@courtscan.com>... Host unknown (Name server: courtscan.com: no data known)"

If I send something to user@webhost1.fluxrunner.com, it delivers OK.

So, I still need a bit of work on this!

mail.fluxrunner.com
 
sendmail.mc
-----------
OSTYPE(`linux')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confTO_IDENT', `0')dnl
define(`confBAD_RCPT_THROTTLE',`1')dnl
define(`confCONNECTION_RATE_THROTTLE',`3')dnl
define(`confDEAD_LETTER_DROP',`/dev/null')dnl
define(`confDOUBLE_BOUNCE_ADDRESS',`nobody')dnl
define(`confDF_BUFFER_SIZE',`16384')dnl
define(`confXF_BUFFER_SIZE',`16384')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`lookupdotdomain')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`dnsbl')dnl
FEATURE(`dnsbl', `relays.ordb.org')dnl
FEATURE(`dnsbl', `dul.dnsbl.sorbs.net')dnl
FEATURE(`delay_checks',`friend',`n')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
EXPOSED_USER(`root')dnl
 
/etc/mailertable
----------------
fluxrunner.com          esmtp:[webhost2.fluxrunner.com]
courtscan.com           esmtp:[webhost1.fluxrunner.com]
 
==================================================
webhost1 (courtscan.com's host)
 
sendmail.mc
-----------
OSTYPE(`linux')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confTO_IDENT', `0')dnl
define(`confBAD_RCPT_THROTTLE',`1')dnl
define(`confCONNECTION_RATE_THROTTLE',`3')dnl
define(`confDEAD_LETTER_DROP',`/dev/null')dnl
define(`confDOUBLE_BOUNCE_ADDRESS',`nobody')dnl
define(`confDF_BUFFER_SIZE',`16384')dnl
define(`confXF_BUFFER_SIZE',`16384')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`lookupdotdomain')dnl
FEATURE(`delay_checks',`friend',`n')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
EXPOSED_USER(`root')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
 
/etc/local-host-names
---------------------
courtscan.com
webhost1.fluxrunner.com
                                              

 

by: _jesper_ Posted on 2009-07-27 at 07:12:00 ID: 24951720

1) courtscan.com is not configured with an MX record
2) let's change "esmtp" in mailertable to "smtp" (did you hash the mailertable?)
3) on mail.fluxrunner.com (dns locally may not be configured) ->
    dig novatec-inc.com a
    dig novatec-inc.com mx

You should have installed dns caching servers on all machines unless you are using a remote dns resolver:

bind-libs-9.3.4-8.P1.fc6
bind-libbind-devel-9.3.4-8.P1.fc6
bind-chroot-9.3.4-8.P1.fc6
bind-utils-9.3.4-8.P1.fc6

and in /etc/resolv.conf:

nameserver <ip of local machine>

4) when sending mail from webhost1.fluxrunner.com, do you have the local email client configured for the domain name in the configuration file (pine, mutt, squirrelmail, etc)?

Let's start with these problems first.

 

by: jmarkfoley Posted on 2009-07-28 at 04:18:48 ID: 24959524

> 1) courtscan.com is not configured with an MX record

Well, I think I do have courtscan.com configured with MX to mail.fluxrunner.com. In my message 24949664 I say I have an A record for mail.courtscan.com -> 96.11.168.100 (which is really mail.fluxrunner.com) and MX for courtscan.com -> to mail.fluxrunner.com.

> 2) let's change "esmtp" in mailertable to "smtp" (did you hash the mailertable?)

I've changed esmtp to smtp and removed the brackets as well. My mc file specifies:
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
I created /etc/mail/mailertable.db using: make mailertable, but I have just now re-hashed it using your makemap hash syntax, just in case.

> 3) on mail.fluxrunner.com (dns locally may not be configured) ->
>    dig novatec-inc.com a
>   dig novatec-inc.com mx

dig results shown below

> you should have  installed dns caching servers on all machines unless you are
> using a remote dns resolver:

I am using resolv.conf on my hosts and using network solutions as a remote dns resolver. If you think I need to set up DNS first on my hosts, I'll do that, but I was hoping to defer that task until later.

> and in /etc/resolv.conf:

> 4) when sending mail from webhost1.fluxrunner.com, do you have the local email client configured for the domain name in the configuration file (pine, mutt, squirrelmail, etc)?

I'll check this and reply in a subsequent message.

root@mail:/etc/mail# dig novatec-inc.com a
 
; <<>> DiG 9.3.1 <<>> novatec-inc.com a
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4087
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
 
;; QUESTION SECTION:
;novatec-inc.com.               IN      A
 
;; ANSWER SECTION:
novatec-inc.com.        7200    IN      A       96.11.168.98
 
;; Query time: 40 msec
;; SERVER: 65.24.0.168#53(65.24.0.168)
;; WHEN: Tue Jul 28 07:15:25 2009
;; MSG SIZE  rcvd: 49
 
==============================================================
root@mail:/etc/mail# dig novatec-inc.com mx
 
; <<>> DiG 9.3.1 <<>> novatec-inc.com mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19531
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
 
;; QUESTION SECTION:
;novatec-inc.com.               IN      MX
 
;; ANSWER SECTION:
novatec-inc.com.        7200    IN      MX      10 inbound.novatec-inc.com.netsolmail.net.
 
;; Query time: 48 msec
;; SERVER: 65.24.0.168#53(65.24.0.168)
;; WHEN: Tue Jul 28 07:17:23 2009
;; MSG SIZE  rcvd: 87
                                              

 

by: _jesper_ Posted on 2009-07-28 at 07:15:08 ID: 24960868

$ dig courtscan.com MX +trace

; <<>> DiG 9.6.1b1 <<>> courtscan.com MX +trace
;; global options: +cmd
.                       361317  IN      NS      M.ROOT-SERVERS.NET.
.                       361317  IN      NS      I.ROOT-SERVERS.NET.
.                       361317  IN      NS      D.ROOT-SERVERS.NET.
.                       361317  IN      NS      J.ROOT-SERVERS.NET.
.                       361317  IN      NS      K.ROOT-SERVERS.NET.
.                       361317  IN      NS      H.ROOT-SERVERS.NET.
.                       361317  IN      NS      B.ROOT-SERVERS.NET.
.                       361317  IN      NS      A.ROOT-SERVERS.NET.
.                       361317  IN      NS      L.ROOT-SERVERS.NET.
.                       361317  IN      NS      G.ROOT-SERVERS.NET.
.                       361317  IN      NS      F.ROOT-SERVERS.NET.
.                       361317  IN      NS      C.ROOT-SERVERS.NET.
.                       361317  IN      NS      E.ROOT-SERVERS.NET.
;; Received 272 bytes from 192.168.1.11#53(192.168.1.11) in 0 ms

com.                    172800  IN      NS      F.GTLD-SERVERS.NET.
com.                    172800  IN      NS      G.GTLD-SERVERS.NET.
com.                    172800  IN      NS      H.GTLD-SERVERS.NET.
com.                    172800  IN      NS      I.GTLD-SERVERS.NET.
com.                    172800  IN      NS      J.GTLD-SERVERS.NET.
com.                    172800  IN      NS      K.GTLD-SERVERS.NET.
com.                    172800  IN      NS      L.GTLD-SERVERS.NET.
com.                    172800  IN      NS      M.GTLD-SERVERS.NET.
com.                    172800  IN      NS      A.GTLD-SERVERS.NET.
com.                    172800  IN      NS      B.GTLD-SERVERS.NET.
com.                    172800  IN      NS      C.GTLD-SERVERS.NET.
com.                    172800  IN      NS      D.GTLD-SERVERS.NET.
com.                    172800  IN      NS      E.GTLD-SERVERS.NET.
;; Received 503 bytes from 192.36.148.17#53(I.ROOT-SERVERS.NET) in 56 ms

courtscan.com.          172800  IN      NS      ns39.worldnic.com.
courtscan.com.          172800  IN      NS      ns40.worldnic.com.
;; Received 110 bytes from 192.55.83.30#53(M.GTLD-SERVERS.NET) in 32 ms

courtscan.com.          7200    IN      SOA     NS39.WORLDNIC.COM. namehost.WORLDNIC.COM. 109072109 10800 3600 604800 3600
;; Received 93 bytes from 205.178.190.20#53(ns39.worldnic.com) in 59 ms


$ dig courtscan.com @ns39.worldnic.com MX

; <<>> DiG 9.6.1b1 <<>> courtscan.com @ns39.worldnic.com MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9883
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;courtscan.com.                 IN      MX

;; AUTHORITY SECTION:
courtscan.com.          7200    IN      SOA     NS39.WORLDNIC.COM. namehost.WORLDNIC.COM. 109072109 10800 3600 604800 3600

;; Query time: 57 msec
;; SERVER: 205.178.190.20#53(205.178.190.20)
;; WHEN: Tue Jul 28 09:13:37 2009
;; MSG SIZE  rcvd: 93



---------------------------------------------------------------------------------

re: novatec -> I can see that today.  Yesterday there was no answer.
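How a sending mail server reads answers like the ones above, as an added example that is not part of the original thread: the script classifies saved `dig` output (NOERROR with `ANSWER: 0` is a "no data" reply) and applies the RFC 5321 rule that a domain without MX records is tried at its own A record. The MX samples are abridged from output quoted in this thread; the A-record samples and all function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): interpret saved dig output the way a
# sending mail server does when it looks for a route to a recipient domain.

# classify_dig: read dig output on stdin and print one of
#   ANSWER, NODATA (name exists, no record of that type), NXDOMAIN,
#   OTHER:<status> (SERVFAIL, REFUSED, ...) or UNPARSED (no header seen).
classify_dig() {
    awk '
        /->>HEADER<<-/ {
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {
            for (i = 1; i < NF; i++)
                if ($i == "ANSWER:") { answers = $(i + 1); sub(/,$/, "", answers) }
        }
        END {
            if (status == "")              print "UNPARSED"
            else if (status == "NXDOMAIN") print "NXDOMAIN"
            else if (status != "NOERROR")  print "OTHER:" status
            else if (answers + 0 > 0)      print "ANSWER"
            else                           print "NODATA"
        }'
}

# mx_targets: print the exchanger host of every MX record in dig output on stdin.
mx_targets() {
    awk '!/^;/ && $3 == "IN" && $4 == "MX" { print $6 }'
}

# mail_route_verdict MX_OUTPUT A_OUTPUT
#   MX            deliver to the listed exchangers
#   IMPLICIT_A    no MX published, fall back to the domain's own A record
#   UNDELIVERABLE neither exists: the sender bounces with "Host unknown"
#   TEMPFAIL      lookup failed or was inconsistent; the sender queues and retries
mail_route_verdict() {
    mx=$(printf '%s\n' "$1" | classify_dig)
    a=$(printf '%s\n' "$2" | classify_dig)
    case "$mx:$a" in
        ANSWER:*)                 echo "MX" ;;
        NODATA:ANSWER)            echo "IMPLICIT_A" ;;
        NODATA:NODATA|NXDOMAIN:*) echo "UNDELIVERABLE" ;;
        *)                        echo "TEMPFAIL" ;;
    esac
}

# Abridged from the thread: authoritative MX query for courtscan.com.
SAMPLE_MX_COURTSCAN=$(cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9883
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;courtscan.com.                 IN      MX
;; AUTHORITY SECTION:
courtscan.com.          7200    IN      SOA     NS39.WORLDNIC.COM. namehost.WORLDNIC.COM. 109072109 10800 3600 604800 3600
EOF
)

# Abridged from the thread: MX query for novatec-inc.com.
SAMPLE_MX_NOVATEC=$(cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19531
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
novatec-inc.com.        7200    IN      MX      10 inbound.novatec-inc.com.netsolmail.net.
EOF
)

# Constructed: an A query for the bare domain that also returns no data.
SAMPLE_A_NODATA=$(cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
EOF
)

# Constructed: an A query for the bare domain that returns one address.
SAMPLE_A_ANSWER=$(cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
courtscan.com.          7200    IN      A       96.11.168.99
EOF
)

echo "courtscan.com, no MX and no A: $(mail_route_verdict "$SAMPLE_MX_COURTSCAN" "$SAMPLE_A_NODATA")"
echo "courtscan.com, no MX but an A: $(mail_route_verdict "$SAMPLE_MX_COURTSCAN" "$SAMPLE_A_ANSWER")"
echo "novatec-inc.com:               $(mail_route_verdict "$SAMPLE_MX_NOVATEC" "$SAMPLE_A_NODATA")"
```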

 

by: jmarkfoley Posted on 2009-07-31 at 07:56:08 ID: 24989326

I believe I've made the mods you suggested. I'm not sure your dig output tells me anything I can figure out.

When I send an email from mfoley@novatec-inc.com to mfoley@courtscan.com I get the following error at novatec:

550 5.1.2 <mfoley@courtscan.com>... Host unknown (Name server: courtscan.com: no data known)

The /var/log/maillog on mail.fluxrunner.com appears to have nothing at all from this attempt. So, it seems that the message is not even getting to mail.fluxrunner.com.

 

by: _jesper_ Posted on 2009-08-01 at 08:05:33 ID: 24995607

From the machine that is originating the email:

dig courtscan.com +trace

 

by: jmarkfoley Posted on 2009-08-03 at 13:52:38 ID: 25008519

Results shown below. I'm not deciphering much from this. The IP 65.24.0.168 is one of the entries in mail.fluxrunner.com's /etc/resolv.conf. Does this help? Hmmm, I didn't think it would be this tough!

> dig courtscan.com +trace
 
; <<>> DiG 9.3.0 <<>> courtscan.com +trace
;; global options:  printcmd
.                       419668  IN      NS      M.ROOT-SERVERS.NET.
.                       419668  IN      NS      K.ROOT-SERVERS.NET.
.                       419668  IN      NS      G.ROOT-SERVERS.NET.
.                       419668  IN      NS      D.ROOT-SERVERS.NET.
.                       419668  IN      NS      J.ROOT-SERVERS.NET.
.                       419668  IN      NS      A.ROOT-SERVERS.NET.
.                       419668  IN      NS      E.ROOT-SERVERS.NET.
.                       419668  IN      NS      C.ROOT-SERVERS.NET.
.                       419668  IN      NS      I.ROOT-SERVERS.NET.
.                       419668  IN      NS      L.ROOT-SERVERS.NET.
.                       419668  IN      NS      B.ROOT-SERVERS.NET.
.                       419668  IN      NS      F.ROOT-SERVERS.NET.
.                       419668  IN      NS      H.ROOT-SERVERS.NET.
;; Received 228 bytes from 65.24.0.168#53(65.24.0.168) in 32 ms
 
com.                    172800  IN      NS      H.GTLD-SERVERS.NET.
com.                    172800  IN      NS      D.GTLD-SERVERS.NET.
com.                    172800  IN      NS      G.GTLD-SERVERS.NET.
com.                    172800  IN      NS      K.GTLD-SERVERS.NET.
com.                    172800  IN      NS      B.GTLD-SERVERS.NET.
com.                    172800  IN      NS      I.GTLD-SERVERS.NET.
com.                    172800  IN      NS      C.GTLD-SERVERS.NET.
com.                    172800  IN      NS      L.GTLD-SERVERS.NET.
com.                    172800  IN      NS      F.GTLD-SERVERS.NET.
com.                    172800  IN      NS      E.GTLD-SERVERS.NET.
com.                    172800  IN      NS      A.GTLD-SERVERS.NET.
com.                    172800  IN      NS      J.GTLD-SERVERS.NET.
com.                    172800  IN      NS      M.GTLD-SERVERS.NET.
;; Received 491 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 115 ms
 
courtscan.com.          172800  IN      NS      ns39.worldnic.com.
courtscan.com.          172800  IN      NS      ns40.worldnic.com.
;; Received 110 bytes from 192.54.112.30#53(H.GTLD-SERVERS.NET) in 136 ms
 
courtscan.com.          7200    IN      SOA     NS39.WORLDNIC.COM. namehost.WORLDNIC.COM. 109072109 10800 3600 604800 3600
;; Received 93 bytes from 205.178.190.20#53(ns39.worldnic.com) in 44 ms
                                              

 

by: _jesper_ Posted on 2009-08-03 at 14:07:27 ID: 25008646

What this means is that under the courtscan.com DNS entries, there is no A record for the domain (and also no MX record).

Log back into NetSol's website, DNS management, choose courtscan.com and add the A, CNAME and MX records suggested.

 

by: jmarkfoley Posted on 2009-08-03 at 16:06:46 ID: 25009333

I've posted a screen image of the network solutions configuration page for courtscan. I've added lines and ellipses in red to highlight what I think are the germane entries. I believe I do have A and MX records configured. If I have these wrong, please let me know.

I still don't have any CNAME records. I was not able to extrapolate from your DNS database format to the netsol form which I posted in message 24935860.

If what I am trying to do is not possible using netsol's DNS service, perhaps I should configure my own?

 

by: _jesper_ Posted on 2009-08-04 at 05:10:58 ID: 25012699

Looks good to me.  What DNS servers are authoritative (listed) for courtscan.com?  I'd like to query them directly.

 

by: jmarkfoley Posted on 2009-08-04 at 13:59:18 ID: 25018090

Through Network solutions courtscan.com's domain name servers are set to:
NS39.WORLDNIC.COM
NS40.WORLDNIC.COM

All the local fluxrunner.com hosts have the following entries in /etc/resolv.conf:
nameserver 65.24.0.168
nameserver 65.24.0.169

 

by: _jesper_ Posted on 2009-08-04 at 14:36:23 ID: 25018443

ns39 and ns40 don't know about it:

$ dig courtscan.com @ns39.worldnic.com mx

; <<>> DiG 9.6.1b1 <<>> courtscan.com @ns39.worldnic.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35755
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; WARNING: recursion requested but not available
                    ^^^^^^^^^^^^^^^^^^^^^^^^

Same response with ns40.  These servers are not aware that they are authoritative for this zone.  Please give NetSol a call.

Unless you are required to increment the serial number ??

 

by: jmarkfoley Posted on 2009-08-05 at 17:00:57 ID: 25029096

I added an A record for @(none) as 96.11.168.100 (see image in comment 25009333). The 'dig' results are shown below. I think we've improved, but not quite there. When I send a message from novatec-inc.com to courtscan.com I get the following bounce on novatec-inc.com:

<mfoley@courtscan.com>
    (reason: 553 5.1.2 <mfoley@novatec-inc.com>... Unrecognized host name novatec-inc.com.)

   ----- Transcript of session follows -----
... while talking to courtscan.com.:
>>> MAIL From:<mfoley@novatec-inc.com> SIZE=764
<<< 553 5.1.2 <mfoley@novatec-inc.com>... Unrecognized host name novatec-inc.com.
501 5.6.0 Data format error

nothing is appearing in the /var/log/maillog for either mail.fluxrunner.com or webhost1.fluxrunner.com. In fact, there aren't even any bogus email attempts in the mail.fluxrunner.com log (but there are in webhost1.fluxrunner.com).

Are we getting closer? Do you think I should set the A record @(none) for fluxrunner.com?


 
> dig courtscan.com @ns39.worldnic.com mx
 
; <<>> DiG 9.3.0 <<>> courtscan.com @ns39.worldnic.com mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48073
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
 
;; QUESTION SECTION:
;courtscan.com.                 IN      MX
 
;; AUTHORITY SECTION:
courtscan.com.          7200    IN      SOA     NS39.WORLDNIC.COM. namehost.WORLDNIC.COM. 109080513 10800 3600 604800 3600
 
;; Query time: 64 msec
;; SERVER: 205.178.190.20#53(ns39.worldnic.com)
;; WHEN: Wed Aug  5 19:50:37 2009
;; MSG SIZE  rcvd: 93
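
An added example, not part of the original posts: a Python sketch that reads the dig header and AUTHORITY section quoted above and tells an empty answer backed by an SOA record (the name exists but has no record of the queried type, which matches the "no data known" bounce) apart from NXDOMAIN or a referral. The sample text is copied from the output above; the function names are hypothetical.

```python
import re

# Copied from the dig output quoted in the post above.
SAMPLE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48073
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;courtscan.com.                 IN      MX

;; AUTHORITY SECTION:
courtscan.com.          7200    IN      SOA     NS39.WORLDNIC.COM. namehost.WORLDNIC.COM. 109080513 10800 3600 604800 3600
"""

def section_types(text, name):
    """Record types listed in one ';; NAME SECTION:' block of dig output."""
    types, inside = [], False
    for line in text.splitlines():
        if line.startswith(";; ") and line.endswith("SECTION:"):
            inside = line == f";; {name} SECTION:"
        elif inside and line.strip() and not line.startswith(";"):
            fields = line.split()
            if len(fields) >= 4:
                types.append(fields[3])      # owner ttl class TYPE rdata...
    return types

def classify_dig(text):
    """Classify one dig response from its header and authority section."""
    status = re.search(r"status:\s*(\w+)", text)
    flags = re.search(r";; flags:([^;]*);", text)
    answers = re.search(r"ANSWER:\s*(\d+)", text)
    if not (status and flags and answers):
        return "unparseable"
    rcode = status.group(1)
    aa = "aa" in flags.group(1).split()      # answer came from the zone itself
    if rcode == "NXDOMAIN":
        return "nxdomain: the name itself does not exist"
    if rcode != "NOERROR":
        return f"error: {rcode}"
    if int(answers.group(1)) > 0:
        return "answer" + ("" if aa else " (non-authoritative)")
    authority = section_types(text, "AUTHORITY")
    if "SOA" in authority:
        return "nodata: name exists, no record of the queried type"
    if "NS" in authority:
        return "referral: ask the listed name servers"
    return "empty"

if __name__ == "__main__":
    print(classify_dig(SAMPLE))
```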
                                              

 

by: _jesper_ Posted on 2009-08-06 at 09:53:05 ID: 25035554

1)  courtscan.com A record now appears.  you need to also add the MX record.  I don't use @ at all.  it swallows stuff up that it shouldn't.  if you set the A, CNAME, MX and NS records for the hosts as recommended, i think everything will work fine.

2) novatec-inc.com -- this is a problem with the originating machine not resolving novatec-inc.com.  from which machine is this mail being sent?

 

by: jmarkfoley Posted on 2009-08-07 at 06:42:43 ID: 25042558

Wow, this is being much more difficult than I thought ...

1) All I did to make the courtscan.com A record appear with the 'dig' is that I added the @ record. So, not using it at all doesn't seem to work.

2) The originating machine *is* novatec-inc.com, so it can't be that machine that is not resolving. I send and receive hundreds of emails from that machine every day. I've also put the novatec-inc.com IP into mail.fluxrunner.com's /etc/hosts file to no effect.

I can try the CNAME thing, but I'm not sure of the configuration. What is the host name? What is the alias name? Is it:

Alias                            Host
-----------------------      --------------------------
mail.courtscan.com -> mail.fluxrunner.com

Since our changes on July 27th there is zero in the /var/log/maillog file on mail.fluxrunner.com. I've even rebooted in case the sendmail wasn't running.

 

by: _jesper_ Posted on 2009-08-07 at 06:56:38 ID: 25042676

I still don't see a configured MX server for courtscan.com

And this bothers me:

   "Unrecognized host name novatec-inc.com."

It's complaining about novatec-inc.com -- not courtscan.com.

 

by: _jesper_ Posted on 2009-08-07 at 06:58:38 ID: 25042694

It might be easier if we work on this off-line and post the fix when complete.

 

by: jmarkfoley Posted on 2009-08-07 at 12:44:39 ID: 25046248

working offline would be fine. How do we do that? My email is already all over this question: mfoley@novatec-inc.com. Meanwhile, I'm going to try to get normal, non-virtual email working with fluxrunner.com. I've accomplished such setups in the past. Then maybe we can add the virtual domain.

 

by: _jesper_ Posted on 2009-08-10 at 07:12:08 ID: 25060028

And add in /etc/mail/access for mail.fluxrunner.com:

To:courtscan.com       RELAY

Once the MX record for this domain is visible via a dig, mail to this domain should work.

 

by: jmarkfoley Posted on 2009-08-11 at 14:01:36 ID: 25073402

jesper - I'm posting my final results from our offline correspondence. This, plus your suggestion in 25060028 seem to have done the trick. Thanks

----------------------------------------------
I think I have things working now! Now all I have to do is get specified users on webhost2.fluxrunner.com to masquerade as user@courtscan.com. I'll research that and make that a separate post if necessary.

So, here is the total configuration for virtual hosting. Perhaps you can
copy/paste this to a response on EE and I can give points:

fluxrunner.com
==============

DNS Settings at Network Solutions:

A records:
----------
www                      xx.xx.xx.102
@(none)                  xx.xx.xx.100       (I'll try removing this later)
*(other)                 xx.xx.xx.100       (likewise)
mail.fluxrunner.com      xx.xx.xx.100
webhost1.fluxrunner.com  xx.xx.xx.99
webhost2.fluxrunner.com  xx.xx.xx.102

MX records:
-----------
mail.fluxrunner.com


mail.fluxrunner.com config - xx.xx.xx.100
=========================================
Mail server for receipt and delivery of mail for fluxrunner.com and virtual domains hosted on fluxrunner.com hosts.  Other hosts send outgoing mail directly via smtp, not routed through mail.fluxrunner.com.

sendmail.mc (w/o comments)
-----------
include(`../m4/cf.m4')
VERSIONID(`$Id: fluxrunner.mc,v 1.0 2009/08/08 11:07:18 root Exp root $')dnl
OSTYPE(`linux')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confTO_IDENT', `0')dnl
define(`confBAD_RCPT_THROTTLE',`1')dnl
define(`confCONNECTION_RATE_THROTTLE',`3')dnl
define(`confDEAD_LETTER_DROP',`/dev/null')dnl
define(`confDOUBLE_BOUNCE_ADDRESS',`nobody')dnl
define(`confDF_BUFFER_SIZE',`16384')dnl
define(`confXF_BUFFER_SIZE',`16384')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`lookupdotdomain')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`dnsbl')dnl
FEATURE(`dnsbl', `dul.dnsbl.sorbs.net')dnl
FEATURE(`delay_checks',`friend',`n')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
MASQUERADE_AS(`fluxrunner.com')
FEATURE(`masquerade_envelope')
FEATURE(`masquerade_entire_domain')
FEATURE(`relay_entire_domain')dnl
EXPOSED_USER(`root')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl

/etc/mail/access
----------------
courtscan.com           RELAY

/etc/mail/mailertable
---------------------
fluxrunner.com          smtp:[xx.xx.xx.102]
courtscan.com           smtp:[xx.xx.xx.99]

/etc/mail/local-host-names
--------------------------
(empty)

----------------------------------------------------------

courtscan.com
==============

DNS Settings at Network Solutions:

A records:
----------
www                      xx.xx.xx.99
@(none)                  xx.xx.xx.100
*(other)                 xx.xx.xx.99
mail.courtscan.com       xx.xx.xx.100

MX record:
----------
mail.fluxrunner.com

webhost1.fluxrunner.com config - xx.xx.xx.99
============================================
webhost1 hosts virtual domain courtscan.com for web and email users.

sendmail.mc
-----------
same as mail.fluxrunner.com except:
remove limiting maximum number of recipients confMAX_RCPTS_PER_MESSAGE
remove blacklisting
remove masquerading

/etc/mail/access
----------------
xx.xx.xx.100 RELAY

/etc/mail/mailertable
---------------------
(empty)

/etc/mail/local-host-names
--------------------------
courtscan.com
webhost1.fluxrunner.com


THAT'S IT! I've not included the configuration for webhost2 since it is
basically the same as webhost1 except no courtscan.com in
local-host-names.
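
An added example, not part of the original post: a Python sketch that cross-checks the hub's mailertable, access and local-host-names files as listed above, since each forwarded domain needs a relay permission and must not also be a local name. The file contents are constructed from the post; the function names are hypothetical, and treating fluxrunner.com as a member of class m (covered by relay_entire_domain) is an assumption.

```python
# Constructed from the mail.fluxrunner.com files listed in the post above.
MAILERTABLE = """\
fluxrunner.com          smtp:[xx.xx.xx.102]
courtscan.com           smtp:[xx.xx.xx.99]
"""
ACCESS = "courtscan.com           RELAY\n"
LOCAL_HOST_NAMES = ""                      # empty on the hub

def parse_map(text):
    """Parse 'key<whitespace>value' lines of a sendmail map source file."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            entries[parts[0].lower()] = parts[1].strip()
    return entries

def audit_hub(mailertable, access, local_names, class_m=()):
    """Return (domain, finding) pairs for domains the hub forwards."""
    routes = parse_map(mailertable)
    acl = parse_map(access)
    local = {n.strip().lower() for n in local_names.splitlines() if n.strip()}
    findings = []
    for domain in routes:
        if domain in local:
            findings.append((domain, "also in local-host-names: mail is "
                                     "delivered locally, route never used"))
        if acl.get("to:" + domain, "").upper() == "RELAY":
            continue                       # recipient-only permission
        if acl.get(domain, "").upper() == "RELAY":
            findings.append((domain, "untagged RELAY is also consulted for "
                                     "client host names; To: is narrower"))
        elif domain not in class_m:        # assumption: class m is relayed
            findings.append((domain, "no RELAY entry: expect Relaying denied"))
    return findings

if __name__ == "__main__":
    for item in audit_hub(MAILERTABLE, ACCESS, LOCAL_HOST_NAMES,
                          class_m={"fluxrunner.com"}):
        print(item)
```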

 

by: jmarkfoley Posted on 2009-08-11 at 14:02:15 ID: 31605161

Thanks for spending so much time and going the "extra mile" with me on this. Greatly appreciated.
